﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using DataAccess;
using Models;
using System.Security;
using System.Security.Permissions;
using System.Reflection;
using System.Runtime.CompilerServices;

//// This strong name key is used to create a code group that gives permissions to this assembly.
//[assembly: AssemblyKeyFile("snKey.snk")]
// The AllowPartiallyTrustedCallersAttribute requires the assembly to be signed with a strong name key.
// This attribute is necessary since the control is called by either an intranet or Internet
// Web page that should be running under restricted permissions.
[assembly: AllowPartiallyTrustedCallers]

namespace Business {
    public class UserServices {
        // Demand the zone requirement for the calling application.

        public UserServices() {

        }
        #region Casting
        public int ToInt(string input) {
            if (input != "")
                return Int32.Parse(input);
            return 0;
        }
        #endregion

        public User GetUserByName(string USERNAME) {
            User user = new User();
            string query = "select client_id, name, email, is_admin,role from Users where username = '" + USERNAME.Trim() + "';";
            CreateConnection cn = new CreateConnection();
            DataTable tb = cn.CreateDataTable(query);
            foreach (DataRow r in tb.Rows) {
                user.ClientID = Int32.Parse(r["client_id"].ToString());
                user.Name = r["name"].ToString();
                user.Email = r["email"].ToString();
                user.Role = r["role"].ToString();
                user.Is_admin = r["is_admin"].ToString();

            }
            return user;
        }
        public Client getClientByID(int clientID) {
            String query = "SELECT parent_client_id, clientName, contactPerson, phoneMobile, fax, email, address,distributionEmail FROM  Clients WHERE (client_id =" + clientID + ")";
            // SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
            CreateConnection conn = new CreateConnection();
            DataTable clientTable = conn.CreateDataTable(query);
            Client client = new Client();
            foreach (DataRow dr_component in clientTable.Rows) {

                client.ClientName = dr_component["clientName"].ToString();
                client.ContactPerson = dr_component["contactPerson"].ToString();
                client.PhoneMobile = dr_component["phoneMobile"].ToString();
                client.Fax = dr_component["fax"].ToString();
                client.Email = dr_component["email"].ToString();
                client.Address = dr_component["address"].ToString();
                client.DistributedEmail = dr_component["distributionEmail"].ToString();
                client.ParentClientID = ToInt(dr_component["parent_client_id"].ToString());
                client.ClientID = clientID;
            }
            return client;
        }
        public bool updatepsw(string username, string oldpsw, string newpsw) {
            bool returnvalue = false;
            //User user = new User();
            Encryption encry = new Encryption();
            string query = "select password from Users where username = '" + username.Trim() + "';";
            CreateConnection cn = new CreateConnection();
            try {
                DataTable tb = cn.CreateDataTable(query);

                foreach (DataRow r in tb.Rows) {
                    // user.ClientID = Int32.Parse(r["client_id"].ToString());
                    String password = r["password"].ToString();
                    try {
                        if (password.Equals(encry.EncryptString(oldpsw))) {
                            r.BeginEdit();
                            string encrypted_psw = encry.EncryptString(newpsw);
                            // r["password"] = encry.EncryptString(newpsw);
                            string query_update = "update Users set password='" + encrypted_psw + "'where username='" + username + "'";
                            CreateConn query_con = new CreateConn();
                            query_con.SQLConnDataTable(query_update);
                            returnvalue = true;
                        }
                    } catch (Exception e2) {
                        string errmsg = e2.ToString();
                    }

                    //  r.AcceptChanges();


                    //r.EndEdit();

                }
                tb.AcceptChanges();
            } catch (Exception e) {
                string errmsg = e.ToString();
            }
            return returnvalue;
        }



    }
}
